openbsd
9 years agoavoid trailing ',' in host key algorithms
djm [Sun, 18 Jan 2015 13:33:34 +0000 (13:33 +0000)]
avoid trailing ',' in host key algorithms

9 years agoinfer key length correctly when user specified a fully-
djm [Sun, 18 Jan 2015 13:22:28 +0000 (13:22 +0000)]
infer key length correctly when user specified a fully-
qualified key name instead of using the -b bits option;
ok markus@

9 years agoThe 'mrs' instruction only deals with the whole register without
jsg [Sun, 18 Jan 2015 12:03:11 +0000 (12:03 +0000)]
The 'mrs' instruction only deals with the whole register without
masking.  Remove the use of cpsr_all/spsr_all with 'mrs' and just use
the register names.  This matches the arm docs and avoids confusion as
cpsr_all/spsr_all don't include bits 23->8 when used with the 'msr'
instruction but do with 'mrs'.

9 years agoSince we are no longer resetting rings when a Babble or Stall condition
mpi [Sun, 18 Jan 2015 11:54:02 +0000 (11:54 +0000)]
Since we are no longer resetting rings when a Babble or Stall condition
is detected, simply keep track of the faulty xfer instead of completing
all the pending ones.

Fix a race condition where we could end up aborting a freshly enqueued
xfer when two different threads are submitting control transfers (i.e.
usbdevs(8) and a kernel driver).

9 years agoDrop backward compat syntax.
ajacoutot [Sun, 18 Jan 2015 10:29:53 +0000 (10:29 +0000)]
Drop backward compat syntax.

9 years agounifdef IPKDB. These codepaths are holdouts from NetBSD code and are
jsg [Sun, 18 Jan 2015 10:17:41 +0000 (10:17 +0000)]
unifdef IPKDB.  These codepaths are holdouts from NetBSD code and are
not used.

9 years agoThe world is ELF: use <sys/exec_elf.h> instead of <a.out.h> or <sys/exec.h>
guenther [Sun, 18 Jan 2015 05:30:58 +0000 (05:30 +0000)]
The world is ELF: use <sys/exec_elf.h> instead of <a.out.h> or <sys/exec.h>
Use a better test for an input being ELF: struct exec is dead and there are
defines for the ELF magic.  Reorder #includes and do some whitespace cleanup.
Oh, and don't lead the fd if an input file isn't ELF.

ok deraadt@

9 years agoPer POSIX, <sys/socket.h> needs to expose struct iovec, and may do so
guenther [Sun, 18 Jan 2015 04:52:03 +0000 (04:52 +0000)]
Per POSIX, <sys/socket.h> needs to expose struct iovec, and may do so
by pulling in <sys/uio.h>, so do so.  Remove some stuff that we can trust
<sys/uio.h> to also provide, like cdefs.h, _types.h, and exposing size_t
and ssize_t

pointed out by naddy@
ok deraadt@

9 years agodo not require <a.out.h>
deraadt [Sun, 18 Jan 2015 04:48:24 +0000 (04:48 +0000)]
do not require <a.out.h>

9 years agosync
deraadt [Sun, 18 Jan 2015 03:46:24 +0000 (03:46 +0000)]
sync

9 years agoremove des.h. it somehow escaped from ssleay into /usr/include, but none
tedu [Sat, 17 Jan 2015 20:37:04 +0000 (20:37 +0000)]
remove des.h. it somehow escaped from ssleay into /usr/include, but none
of the functions prototyped here exist in libc, making it useless.

9 years agounit test for hostkeys in ssh-agent
djm [Sat, 17 Jan 2015 18:54:30 +0000 (18:54 +0000)]
unit test for hostkeys in ssh-agent

9 years agofix hostkeys on ssh agent; found by unit test I'm about to commit
djm [Sat, 17 Jan 2015 18:53:34 +0000 (18:53 +0000)]
fix hostkeys on ssh agent; found by unit test I'm about to commit

9 years agoSplit the consumer & producer logic into two different functions in
mpi [Sat, 17 Jan 2015 18:37:12 +0000 (18:37 +0000)]
Split the consumer & producer logic into two different functions in
order to read last TRB of the event ring.

Fix a bug introduced in r1.1.

9 years agoImprove wording in alloca.
tedu [Sat, 17 Jan 2015 18:01:43 +0000 (18:01 +0000)]
Improve wording in alloca.
1. it's not a bug; it's a caveat.
2. "slightly unsafe" gives me the willies.
3. one .Xr to malloc should suffice
ok deraadt jmc

9 years agouse NGROUPS_MAX
deraadt [Sat, 17 Jan 2015 17:49:26 +0000 (17:49 +0000)]
use NGROUPS_MAX

9 years agoguard usingacpi variable inside NACPI. from oyvind jaegtnes
tedu [Sat, 17 Jan 2015 17:44:15 +0000 (17:44 +0000)]
guard usingacpi variable inside NACPI. from oyvind jaegtnes

9 years agouse NGROUPS_MAX instead of NGROUPS
deraadt [Sat, 17 Jan 2015 17:22:07 +0000 (17:22 +0000)]
use NGROUPS_MAX instead of NGROUPS

9 years agoNGROUPS_MAX, not NGROUPS
deraadt [Sat, 17 Jan 2015 17:17:10 +0000 (17:17 +0000)]
NGROUPS_MAX, not NGROUPS

9 years agoDefine MAXHOSTNAMELEN as HOST_NAME_MAX+1. OK deraadt@
millert [Sat, 17 Jan 2015 15:03:09 +0000 (15:03 +0000)]
Define MAXHOSTNAMELEN as HOST_NAME_MAX+1.  OK deraadt@

9 years agoRemove unnecessary double-quotes inside [[]].
rpe [Sat, 17 Jan 2015 14:36:58 +0000 (14:36 +0000)]
Remove unnecessary double-quotes inside [[]].

OK krw@

9 years agoRemove a pasto introduced in the last commit, spotted by schwarze@
millert [Sat, 17 Jan 2015 13:37:59 +0000 (13:37 +0000)]
Remove a pasto introduced in the last commit, spotted by schwarze@

9 years agomake sure we have an interactivestub... I forgot the -I part from the old
espie [Sat, 17 Jan 2015 13:20:04 +0000 (13:20 +0000)]
make sure we have an interactivestub... I forgot the -I part from the old
script.

9 years agoUppercase global vars (auto -> AUTO, respfile -> RESPFILE)
rpe [Sat, 17 Jan 2015 10:09:06 +0000 (10:09 +0000)]
Uppercase global vars (auto -> AUTO, respfile -> RESPFILE)

OK krw@ deraadt@

9 years agoDelete an extra tab.
aoyama [Sat, 17 Jan 2015 08:26:10 +0000 (08:26 +0000)]
Delete an extra tab.

9 years agoAdd an ascii bit/field diagram for armv7-a psr to match the
jsg [Sat, 17 Jan 2015 08:00:41 +0000 (08:00 +0000)]
Add an ascii bit/field diagram for armv7-a psr to match the
existing one for earlier arm revisions.

9 years agodocument the <sys/param.h>
deraadt [Sat, 17 Jan 2015 07:37:14 +0000 (07:37 +0000)]
document the <sys/param.h>

9 years ago_KERNEL 1? no, just _KERNEL
deraadt [Sat, 17 Jan 2015 07:09:50 +0000 (07:09 +0000)]
_KERNEL 1?  no, just _KERNEL

9 years agoeliminate strcpy & strcat, by using strlcpy, strlcat or snprintf where
deraadt [Sat, 17 Jan 2015 05:31:29 +0000 (05:31 +0000)]
eliminate strcpy & strcat, by using strlcpy, strlcat or snprintf where
suitable.
ok jsg

9 years agoresume_randomness() before spinning up other cpus...
deraadt [Sat, 17 Jan 2015 04:18:49 +0000 (04:18 +0000)]
resume_randomness() before spinning up other cpus...

9 years agosync
deraadt [Sat, 17 Jan 2015 02:58:28 +0000 (02:58 +0000)]
sync

9 years agoMore complete gpio reset sequences for SABRE Lite/Nitrogen6X.
jsg [Sat, 17 Jan 2015 02:57:16 +0000 (02:57 +0000)]
More complete gpio reset sequences for SABRE Lite/Nitrogen6X.
From Patrick Wildt in Bitrig.

9 years agoDocument behavior of killing process 0, matching the text in kill(2).
millert [Fri, 16 Jan 2015 21:31:27 +0000 (21:31 +0000)]
Document behavior of killing process 0, matching the text in kill(2).
From Theo Buehler

9 years agoincrease namecache to maxvnodes again now that the n^2 loop is no more.
tedu [Fri, 16 Jan 2015 21:16:14 +0000 (21:16 +0000)]
increase namecache to maxvnodes again now that the n^2 loop is no more.
battle tested by krw

9 years agoLet man(1) show manuals for the current architecture by default,
schwarze [Fri, 16 Jan 2015 21:12:01 +0000 (21:12 +0000)]
Let man(1) show manuals for the current architecture by default,
and support the MACHINE environment variable as documented in man(1).
Missing feature reported by pascal@.

9 years agoConstify the driver name to disk type table, and remove rz and ccd from that
miod [Fri, 16 Jan 2015 20:21:40 +0000 (20:21 +0000)]
Constify the driver name to disk type table, and remove rz and ccd from that
list.
ok krw@ millert@

9 years agoRevert forcing a rachitic `c' slice size when the drive geometry is not known,
miod [Fri, 16 Jan 2015 20:18:24 +0000 (20:18 +0000)]
Revert forcing a rachitic `c' slice size when the drive geometry is not known,
now that the disklabel code will reduce MAXDISKSIZE to the real size if a Sun
label is found.

9 years agoDon't bother to initialize %g1; we don't do this on sparc either.
kettenis [Fri, 16 Jan 2015 20:17:07 +0000 (20:17 +0000)]
Don't bother to initialize %g1; we don't do this on sparc either.

ok miod@

9 years agodisklabel_sun_to_bsd() will nicely set the disk size if it is zero, but it is
miod [Fri, 16 Jan 2015 20:17:05 +0000 (20:17 +0000)]
disklabel_sun_to_bsd() will nicely set the disk size if it is zero, but it is
usually invoked after initdisklabel() which proactively changes a zero disk
size to MAXDISKSIZE, causing this test to fail.

Allow for MAXDISKSIZE too in that test. This makes spoofed disklabels of SMD
disks have a proper `c' slice size.

luna88k disklabel_om_to_bsd() is modified accordingly, to keep diffability,
even though luna88k can't - to the best of my knowledge - sport SMD disk
controllers.

ok deraadt@ krw@

9 years agoUse ">", not ">=" when comparing length to HOST_NAME_MAX since
millert [Fri, 16 Jan 2015 18:20:14 +0000 (18:20 +0000)]
Use ">", not ">=" when comparing length to HOST_NAME_MAX since
otherwise we end up needlessly replacing a NUL with a NUL.
OK deraadt@

9 years agoReplace HOST_NAME_MAX+1-1 with HOST_NAME_MAX. OK deraad@
millert [Fri, 16 Jan 2015 18:18:58 +0000 (18:18 +0000)]
Replace HOST_NAME_MAX+1-1 with HOST_NAME_MAX.  OK deraad@

9 years agoReplace check for ">= HOST_NAME_MAX+1" with "> HOST_NAME_MAX".
millert [Fri, 16 Jan 2015 18:10:31 +0000 (18:10 +0000)]
Replace check for ">= HOST_NAME_MAX+1" with "> HOST_NAME_MAX".
OK deraadt@

9 years agoAdd missing <limits.h> to file.c and remove definition of PATH_MAX
millert [Fri, 16 Jan 2015 18:08:15 +0000 (18:08 +0000)]
Add missing <limits.h> to file.c and remove definition of PATH_MAX
which masked the missing include.  OK deraadt@

9 years agoproperly handle opening parentheses, correctly quote vertical bars,
schwarze [Fri, 16 Jan 2015 17:20:24 +0000 (17:20 +0000)]
properly handle opening parentheses, correctly quote vertical bars,
and do not use the legacy predefined string \*(Ba

9 years agoAdd test that exchanges database description packets with ospfd.
bluhm [Fri, 16 Jan 2015 17:06:43 +0000 (17:06 +0000)]
Add test that exchanges database description packets with ospfd.
From Florian Riehm.

9 years agoincreasing the size of the namecache suddenly made the comment
tedu [Fri, 16 Jan 2015 17:05:49 +0000 (17:05 +0000)]
increasing the size of the namecache suddenly made the comment
"This makes the algorithm O(n^2), but do you think I care?"
a lot more meaningful, as discovered by krw.
fix the loop so it doesn't restart all the time, as it's not necessary.
(this was also tried years ago in rev 1.20 and reverted, but that change
also introduced pool_put before the namecache was ready to free things. we
have been freeing cache entries with pool_put for some time now, so that's
been made safe.)
ok deraadt krw

9 years agoParse and ignore .IX (generate index entry) macros because pod2man(1)
schwarze [Fri, 16 Jan 2015 16:52:39 +0000 (16:52 +0000)]
Parse and ignore .IX (generate index entry) macros because pod2man(1)
emits them, by default without defining them, relying on the roff(7)
quirk that undefined macros have no effect.
This cures 1996 mandoc ERRORs in src/gnu.

9 years agoMove to the <limits.h> universe.
deraadt [Fri, 16 Jan 2015 16:48:51 +0000 (16:48 +0000)]
Move to the <limits.h> universe.
review by millert, binary checking process with doug, concept with guenther

9 years agoMore evil bootstrap code. #ifndef ALIGNBYTES #define ALIGNBYTES 3.
deraadt [Fri, 16 Jan 2015 16:25:50 +0000 (16:25 +0000)]
More evil bootstrap code.  #ifndef ALIGNBYTES  #define ALIGNBYTES 3.
Which makes this code go all wrong depending on where a system has put
their things like ALIGNBYTES.
Delete with prejudice.  When someone needs to compile this in another
environment, they need to face this hurdle, and maybe change the
embedded memory allocator...

9 years agogarbage collect empty .No macros mandoc warns about
schwarze [Fri, 16 Jan 2015 16:20:23 +0000 (16:20 +0000)]
garbage collect empty .No macros mandoc warns about

9 years ago<sys/param.h> to <limits.h> conversion. Verified binaries
deraadt [Fri, 16 Jan 2015 16:18:07 +0000 (16:18 +0000)]
<sys/param.h> to <limits.h> conversion.  Verified binaries
ok millert, thanks to doug for process advice

9 years agoadd missing .An macros
schwarze [Fri, 16 Jan 2015 16:16:36 +0000 (16:16 +0000)]
add missing .An macros

9 years agochange to <limits.h> universe. The only changes in the binary are due
deraadt [Fri, 16 Jan 2015 16:04:38 +0000 (16:04 +0000)]
change to <limits.h> universe.  The only changes in the binary are due
to the heavy use of assert.
ok millert

9 years agomanage spacing in a simpler way, removing some useless macros mandoc warns about
schwarze [Fri, 16 Jan 2015 16:01:46 +0000 (16:01 +0000)]
manage spacing in a simpler way, removing some useless macros mandoc warns about

9 years agomove to <limits.h> where possible, annotate <sys/param.h> otherwise
deraadt [Fri, 16 Jan 2015 15:57:06 +0000 (15:57 +0000)]
move to <limits.h> where possible, annotate <sys/param.h> otherwise

9 years agoregression: incorrect error message on otherwise-successful
djm [Fri, 16 Jan 2015 15:55:07 +0000 (15:55 +0000)]
regression: incorrect error message on otherwise-successful
ssh-keygen -A. Reported by Dmitry Orlov, via deraadt@

9 years agofix placement of opening parentheses, and drop some .Xo while here
schwarze [Fri, 16 Jan 2015 15:53:24 +0000 (15:53 +0000)]
fix placement of opening parentheses, and drop some .Xo while here

9 years agoMove from <sys/param.h>. (The binary change is due to a line number
deraadt [Fri, 16 Jan 2015 15:40:16 +0000 (15:40 +0000)]
Move from <sys/param.h>.  (The binary change is due to a line number
passed to assert, found by doug)
ok millert

9 years agoArguments are just ".Ar", not ".Brq Ar" or even ".Ns { Ns Ar ... Ns }".
schwarze [Fri, 16 Jan 2015 15:37:20 +0000 (15:37 +0000)]
Arguments are just ".Ar", not ".Brq Ar" or even ".Ns { Ns Ar ... Ns }".
The .Ar macro already causes distinctive formatting in a standard way,
so there is no need for additional braces.
This also fixes the only mandoc warning in src/sbin.

9 years agoswitch to <limits.h>; ok millert
deraadt [Fri, 16 Jan 2015 15:36:29 +0000 (15:36 +0000)]
switch to <limits.h>; ok millert

9 years agoremove useless escaping; mandoc warned about some of this
schwarze [Fri, 16 Jan 2015 15:32:32 +0000 (15:32 +0000)]
remove useless escaping; mandoc warned about some of this

9 years agoProperly escape punctuation when given as an argument to a macro;
schwarze [Fri, 16 Jan 2015 15:30:10 +0000 (15:30 +0000)]
Properly escape punctuation when given as an argument to a macro;
this was the only mandoc warning in src/bin.

9 years agoLess code, more better. No longer need to worry about what mysterious
tedu [Fri, 16 Jan 2015 15:29:45 +0000 (15:29 +0000)]
Less code, more better. No longer need to worry about what mysterious
things will happen when machines have 8 byte longs.

9 years agoThe make code has "bootstrap", to allow it to be brought up on other
deraadt [Fri, 16 Jan 2015 15:17:34 +0000 (15:17 +0000)]
The make code has "bootstrap", to allow it to be brought up on other
systems.  Rarely used & tested -- perhaps once a decade. Perhaps not
even once this decade?  Anyways,
    #define PATH_MAX (MAXPATHLEN+1)
is quite wrong.  Delete the chunk, assuming any system this is ported
to has PATH_MAX.

9 years agoSSL_CTX_use_certificate_chain() has been added to LibreSSL and there
reyk [Fri, 16 Jan 2015 15:08:52 +0000 (15:08 +0000)]
SSL_CTX_use_certificate_chain() has been added to LibreSSL and there
is no need to keep a local copy in ssl_privsep.c.  This adds a little
burden on OpenSMTPD-portable because it will have to put it in
openbsd-compat for compatibility with legacy OpenSSL.

OK gilles@

9 years agoAdapt to <limits.h> universe.
deraadt [Fri, 16 Jan 2015 15:06:40 +0000 (15:06 +0000)]
Adapt to <limits.h> universe.
ok millert

9 years agoReplace <sys/param.h> with <limits.h>
deraadt [Fri, 16 Jan 2015 14:36:44 +0000 (14:36 +0000)]
Replace <sys/param.h> with <limits.h>
millert spotted the accidental <ctype.h> removal that caused binary change.

9 years agoThe SSL/TLS session Id context is limited to 32 bytes. Instead of
reyk [Fri, 16 Jan 2015 14:34:51 +0000 (14:34 +0000)]
The SSL/TLS session Id context is limited to 32 bytes.  Instead of
using the name of relayd relay or smtpd pki, use a 32 byte arc4random
buffer that should be unique for the context.  This fixes an issue in
OpenSMTPD when a long pki name could break the configuration.

OK gilles@ benno@

9 years agoTweak previous: Do not put punctuation on its own line, put it at the end
schwarze [Fri, 16 Jan 2015 14:19:07 +0000 (14:19 +0000)]
Tweak previous: Do not put punctuation on its own line, put it at the end
of the preceding macro line; no output change with mandoc, fixes output
with groff.  Also, if you want spacing back after .Sm off, do not add
an argument containing a blank character, simply rely on .Sm on.

9 years agoAdd regression tests for syslog over TLS.
bluhm [Fri, 16 Jan 2015 11:51:59 +0000 (11:51 +0000)]
Add regression tests for syslog over TLS.

9 years agoBinary code patching on amd64
sf [Fri, 16 Jan 2015 10:17:51 +0000 (10:17 +0000)]
Binary code patching on amd64

This commit adds generic infrastructure to do binary code patching on amd64.
The existing code patching for SMAP is converted to the new infrastruture.

More consumers and support for i386 will follow later.

This version of the diff has some simplifications in codepatch_fill_nop()
compared to a version that was:

OK @kettenis @mlarkin @jsg

9 years agoClean up macros in isakmpd(8).
bentley [Fri, 16 Jan 2015 09:08:41 +0000 (09:08 +0000)]
Clean up macros in isakmpd(8).

- Fix mandoc warnings ("WARNING: skipping empty macro: No")
- Mark up arguments with Ar, not Aq Ic
- Mark up pathnames with Pa

ok jmc@

9 years agoReplace <sys/param.h> with <limits.h>
doug [Fri, 16 Jan 2015 08:24:04 +0000 (08:24 +0000)]
Replace <sys/param.h> with <limits.h>

This patch is from Theo.  I helped verify that removing <sys/param.h>
doesn't change anything.

This produces the same binaries before and after with clang 3.5 and gcc
4.9.4 on amd64.  There is a slight difference in the way it is generated by
our old gcc 4.2.1 despite the fact that the preprocessed input is almost
identical.

ok deraadt@

9 years agowhen hostname canonicalisation is enabled, try to parse hostnames
djm [Fri, 16 Jan 2015 07:19:48 +0000 (07:19 +0000)]
when hostname canonicalisation is enabled, try to parse hostnames
as addresses before looking them up for canonicalisation.
fixes bz#2074 and avoids needless DNS lookups in some cases;
ok markus

9 years ago<sys/param.h> is not needed here either.
deraadt [Fri, 16 Jan 2015 06:47:03 +0000 (06:47 +0000)]
<sys/param.h> is not needed here either.
ok guenther millert doug

9 years agoReplace <sys/param.h> with <limits.h> and other less dirty headers where
deraadt [Fri, 16 Jan 2015 06:39:28 +0000 (06:39 +0000)]
Replace <sys/param.h> with <limits.h> and other less dirty headers where
possible.  Annotate <sys/param.h> lines with their current reasons.  Switch
to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc.  Change
MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where
sensible to avoid pulling in the pollution.  These are the files confirmed
through binary verification.
ok guenther, millert, doug (helped with the verification protocol)

9 years agoimprove checksum parsing slightly. now handles filenames with spaces.
tedu [Fri, 16 Jan 2015 06:16:12 +0000 (06:16 +0000)]
improve checksum parsing slightly. now handles filenames with spaces.
(though not names with ')'; sorry.)

9 years agojust to be careful, add a cpp guard that the sscanf sizes are ok
tedu [Fri, 16 Jan 2015 06:00:39 +0000 (06:00 +0000)]
just to be careful, add a cpp guard that the sscanf sizes are ok

9 years agoadjust to HOST_NAME_MAX+1 & LOGIN_NAME_MAX
deraadt [Fri, 16 Jan 2015 05:53:49 +0000 (05:53 +0000)]
adjust to HOST_NAME_MAX+1 & LOGIN_NAME_MAX

9 years agoIf MAXPATHLEN is undefined, do not set it to 512. Dangerous.
deraadt [Fri, 16 Jan 2015 05:46:44 +0000 (05:46 +0000)]
If MAXPATHLEN is undefined, do not set it to 512. Dangerous.

9 years agoComplete the list of functions in the paragraph that mentions that
lteo [Fri, 16 Jan 2015 04:12:45 +0000 (04:12 +0000)]
Complete the list of functions in the paragraph that mentions that
errbuf needs to hold at least PCAP_ERRBUF_SIZE chars.

9 years agoRename pcap_create()'s ebuf argument to errbuf to match the rest of the
lteo [Fri, 16 Jan 2015 04:03:04 +0000 (04:03 +0000)]
Rename pcap_create()'s ebuf argument to errbuf to match the rest of the
public pcap_* functions that use errbuf.  Mainline libpcap also uses
"errbuf" for pcap_create().

No object file change.

9 years agoAdd more missing argument names.
lteo [Fri, 16 Jan 2015 03:37:10 +0000 (03:37 +0000)]
Add more missing argument names.

9 years agoRemove pointless casts for several malloc/calloc/free calls. No object
lteo [Fri, 16 Jan 2015 03:19:57 +0000 (03:19 +0000)]
Remove pointless casts for several malloc/calloc/free calls.  No object
file change.

9 years agoThe BPF paper referenced in the SEE ALSO section was most likely an unpublished
lteo [Fri, 16 Jan 2015 03:07:03 +0000 (03:07 +0000)]
The BPF paper referenced in the SEE ALSO section was most likely an unpublished
draft.  Replace it with the authors' 1993 Winter USENIX paper, which is a more
authoritative reference on BPF.

ok deraadt@ jmc@ millert@

9 years agoFix a use after free, where the already freed p->opt.source was used by
lteo [Fri, 16 Jan 2015 03:04:19 +0000 (03:04 +0000)]
Fix a use after free, where the already freed p->opt.source was used by
pcap_cleanup_bpf() to disable monitor mode on 802.11 devices.

feedback blambert@
ok deraadt@ mikeb@ millert@

9 years agoDelete the MANLINT variable and the related SUFFIXES rules because
schwarze [Fri, 16 Jan 2015 01:58:17 +0000 (01:58 +0000)]
Delete the MANLINT variable and the related SUFFIXES rules because
since yesterday, "mandoc -Tlint -Wfatal" can no longer fail.
Instead, as suggested by deraadt@, provide a manlint target
that is *not* run during make build, but can be run
whenever you want to check syntax of manuals.
"nice stuff" deraadt@

9 years agosync
deraadt [Fri, 16 Jan 2015 01:37:15 +0000 (01:37 +0000)]
sync

9 years agoMerge in a commit from upstream..
brad [Fri, 16 Jan 2015 01:10:10 +0000 (01:10 +0000)]
Merge in a commit from upstream..

- Fix bug#637: fix that nsd.db grows limitlessly, an off by one
  on one megabyte free chunks, created during AXFRs of large zones,
  that caused the one megabyte chunk to be leaked.

ok sthen@

9 years agoSince <netdb.h> soon won't include <sys/param.h>, MAXHOSTNAMELEN may
deraadt [Fri, 16 Jan 2015 00:27:00 +0000 (00:27 +0000)]
Since <netdb.h> soon won't include <sys/param.h>, MAXHOSTNAMELEN may
not be in scope, so hardcode as 256.  Other options have more downside.

9 years agomove to PATH_MAX, etc; normalize includes for life in the <limits.h> universe
deraadt [Fri, 16 Jan 2015 00:19:12 +0000 (00:19 +0000)]
move to PATH_MAX, etc; normalize includes for life in the <limits.h> universe
ok guenther millert

9 years agoMove to using PATH_MAX
deraadt [Fri, 16 Jan 2015 00:18:06 +0000 (00:18 +0000)]
Move to using PATH_MAX
ok millert guenther

9 years agofirst batch of cleanup to programs based upon the namespace cleanups
deraadt [Fri, 16 Jan 2015 00:05:12 +0000 (00:05 +0000)]
first batch of cleanup to programs based upon the namespace cleanups
in net/pfvar.h sys/proc.h sys/ucred.h arpa/nameser.h
change to PATH_MAX, reduce use of MIN() and MAX(), HOST_NAME_MAX+1,
LOGIN_NAME_MAX, etc etc
ok millert guenther, some review by doug

9 years agofirst batch of programs adapting to the namespace cleanup
deraadt [Fri, 16 Jan 2015 00:03:37 +0000 (00:03 +0000)]
first batch of programs adapting to the namespace cleanup
(pfvar.h nameser.h proc.h ucred.h)
ok guenther millert, and some review from doug as well.

9 years agoSwitch to including <sys/types.h> instead of <sys/param.h>
deraadt [Fri, 16 Jan 2015 00:01:28 +0000 (00:01 +0000)]
Switch to including <sys/types.h> instead of <sys/param.h>
This hides the unavoidably cruddy sys/param.h namespace in some programs.
Little impact, because many programs are cruddy and still get it via
other includes.
ports testing thanks to sthen and naddy
ok guenther millert

9 years agoswitch to PATH_MAX
deraadt [Thu, 15 Jan 2015 23:59:28 +0000 (23:59 +0000)]
switch to PATH_MAX

9 years agoinclude <sys/syslimits.h> and switch to use of LOGIN_NAME_MAX, making
deraadt [Thu, 15 Jan 2015 23:59:09 +0000 (23:59 +0000)]
include <sys/syslimits.h> and switch to use of LOGIN_NAME_MAX, making
this far more standalone.  discussed with guenther
ok millert

9 years agoinclude <sys/syslimits.h> to get access to (and then use) NGROUPS_MAX
deraadt [Thu, 15 Jan 2015 23:58:39 +0000 (23:58 +0000)]
include <sys/syslimits.h> to get access to (and then use) NGROUPS_MAX
discussed at length with guenther
ok millert

9 years agoStop including <sys/param.h> and other stuff. Assume this will be included
deraadt [Thu, 15 Jan 2015 23:56:58 +0000 (23:56 +0000)]
Stop including <sys/param.h> and other stuff.  Assume this will be included
with sys limits in scope, so use PATH_MAX instead.
ok millert guenther

9 years agodo not assume <netmls/mpls.h> will pull in <limits.h> via <sys/param.h>
deraadt [Thu, 15 Jan 2015 23:51:04 +0000 (23:51 +0000)]
do not assume <netmls/mpls.h> will pull in <limits.h> via <sys/param.h>
get <limits.h> directly.
ok millert